Astra Web Security Blog - Website & CMS Security News


Drupal is an established content management system that was launched in 2001. Since then it has come a long way, becoming the third most sought-after content management system with around 700,000 sites using it. Below is a list of unsupported Drupal modules that have known security issues which haven't been fixed by their maintainers. Uninstalling these modules…

How to prevent SQL Injection (SQLi) in Opencart 1.5.x/2.x/3.x

Opencart, one of the most prominent open source shopping cart solutions, is eye candy to hackers and online attackers. Opencart uses MySQL for its databases, and incorrect interaction with the database results in various vulnerabilities. One of them is SQL injection (SQLi). Opencart has been on the radar of hackers, and many cases of SQLi in OpenCart have been found in the past…

Opencart has been the most sought-after platform as a store management system for e-commerce merchants. Owing to its simplified design, interactive UI and ease of use, Opencart is largely favored for retail activities online. However, in light of its popularity, Opencart has garnered a reputation for being eye candy for hackers and other attackers with malicious intent. As…

51 Must-Do Checks on WordPress Website Maintenance

One of the best content management systems, powering millions of websites on the internet, WordPress is a user-friendly CMS that allows you to build any kind of website you want. However, owing to its huge popularity, hackers are always on the lookout for loopholes and vulnerabilities on the WordPress website. Thus, one of…

All You Need to Know About Android App Vulnerability: Insecure Communication

The Open Web Application Security Project (OWASP) has listed Insecure Communication as the third most exploited risk in mobile applications. As the name suggests, Insecure Communication refers to a mobile app vulnerability where sensitive data is intercepted while it's traveling across the wire. This type of mobile app vulnerability is most common since the majority of applications exchange data in a client-server fashion. When the data is transmitted, it…

WordPress Spam Results Google Search

Over the past few months, a new type of seasoned malware injection has surfaced on the internet, and its intentions are pretty clear: it generates spam search results when someone Googles your WordPress website. The most common attacks are Japanese SEO spam, the WordPress pharma attack and spam links. This WordPress spam malware creates junk pages on your website that get redirected…

All You Need to Know About Android App Vulnerability: Insecure Authentication

The Open Web Application Security Project (OWASP) has listed Insecure Authentication as the fourth most exploited risk in mobile applications. In Insecure Authentication, attackers exploit vulnerable authentication schemes by faking or bypassing authentication. They do so by submitting service requests to the mobile app’s backend server, in order to bypass any direct interaction with the mobile app. The attacker carries out this process via mobile malware…
